Jude Karabus reports: Medway council in Kent has corked a hole in its website that spat out residents’ names, mailing addresses, phone numbers and email addresses after a Reg reader got in touch to complain. The breach appeared courtesy of some of Medway Council’s electronic forms. The council’s eforms were conceived during a collaboration of…
Category: Exposure
SG: Spize fined S$20,000 after more than 100 customers’ personal data leaked
Food and beverage outlet operator Spize has been fined S$20,000 after the personal data of about 150 customers was disclosed on its online ordering portal in 2017. In the grounds of decision dated Thursday (Jul 4), which was published on the Personal Data Protection Commission (PDPC) website, the PDPC received a complaint on Aug 12,…
Telangana website leaking sensitive data of pensioners; official says it won’t be fixed until July 31
Soumyarendra Barik reports something that is somewhat… “mind-boggling:” Sensitive information, including bank account numbers, PAN numbers, PPO (pension payment order) IDs, tax-deductions and pension amounts of retired state government employees is being leaked on the Directorate of Treasuries and Accounts (DoTA) website, according to a New Indian Express report. Director of Treasuries and Accounts KSRC…
MYOB in payslip privacy bungle
Ry Crozier reports: Imagine what would happen if you went to open your emailed group certificate and found out it was your boss’ or a colleague’s instead. That’s the rather awkward situation some customers of MYOB could be facing after its automated payroll program accidentally emailed 220 individual payment summaries to the wrong people. Read…
Eight people are arrested in Hong Kong over cyberattacks against police as the city copes with the aftermath of anti-government protests
AFP and Tracy You report: Hong Kong police said today they had arrested eight people for stealing and disclosing personal information of officers online as the city grapples with the aftermath of unprecedented anti-government protests that saw its parliament ransacked. […] Six men and two women, aged 16-40, were arrested last night for allegedly ‘doxxing’…
Billions of Records Including Passwords Leaked by Smart Home Vendor (Updated)
Sergiu Gatlan reports: A publicly accessible ElasticSearch cluster owned by Orvibo, a Chinese smart home solutions provider, leaked more than two billion user logs containing sensitive data of customers from countries all over the world. Orvibo provides its clients with smart solutions designed to help them manage houses, offices, and hotel rooms via smart systems…